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Amendment, filed 03/08/07, has been entered. Claims 1-21 remain pending. 

Specification 

In light of Applicant's amendment, the objection to the specification has been withdrawn. 

Claim Rejections - 35 USC § 102 

In light of Applicant's amendment, the rejection of claim 22 under 35 U.S.C. 102, has been 
withdrawn. 

Claim Rejections - 35 USC § 103 

1. Claims 1, 3, 6, 8, 15, 17 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Liu (US 6, 079,020). 

2. Regarding claims 1, 8 and 15, Liu substantially teaches the limitations of the claims. 
A packet relaying apparatus and method (VPN management station 160 on Fig. 1, 4 and 5, 
5:55-6:65) comprising: 

first means/network relaying unit for selecting one or more transmission destination 
virtual private network identifiers which are allowed to relay a received packet based on a 
transmission source virtual private network identifier related to the received packet (portion of 
VPN management station 160 selecting a list of all VPN gateways of the VPN network, as 
shown on Fig. 1, utilizing VPN objects, shown on Fig. 6 and 9:28-50, wherein the VPN 
gateways are potential destinations for the received packet, Fig. 9 and 10:25-40); 

second means/domain replaying unit for selecting one or more transmission destination 
domains corresponding to each of said one or more transmission destination virtual private 
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network identifiers, wherein transmission destination domains corresponds to a plurality of 
destination client identifications and masks (portion of VPN management station 160 selecting 
destination domains corresponding to the VPN network, as shown on Fig. 1, utilizing Client 
object 630, disclosed on 9:50-58, which is created for each remote client and identified by a 
plurality of attributes, as disclosed on 9:52-57, wherein all group objects are identified by using 
appropriate masks, 10:37-49); 

third means/routing information management unit for collating, using a mask, a next 
relaying apparatus address of the received packet with each routing information stored in one or 
more domain relaying means which corresponds to each of the one or more domains to select 
the next relaying apparatus address (portion of VPN management station 160, used for masking 
and collating VPN gateways to route VPN packets, as shown on Fig. 9 and 10:40-56, wherein 
all the domains of the VPN are interconnected with VPN configuration information specifying 
the destination address conversion for each VPN gateway); and 

fourth means/packet relaying unit for transmitting the received packet in accordance with 
the next relaying apparatus address selected by the third means (Network interface card 408 of 
VPN management station 160, interconnected with network 100, as shown on Fig. 4 and 8:43- 
60, inherently operating under the management operation of the masking and collating, because 
this operation is essential for the proper routing of the packets). 

Liu does not teach using domain identifiers and client destinatipn addresses for 
identifying clients. 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to add using domain identifiers and client destination addresses for identifying clients. 
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to the system of Liu to improve the system operation with multiple domains, by assigning 
identifiers to the domains to simplify the domain identification and using client destination 
addresses together with clients users names to simplify the domain organization. 

In addition, regarding claims 3 and 17, Liu teaches the packets as IP packets including IP 
addresses (IP addresses 3:39-43). 

In addition, regarding claims 6 and 20, Liu inherently teaches using routing filter to set 
the routing information, because any routing information selection is a filtering operation as it 
excludes other entries of the routing table. 

3. Claims 2 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Liu in 
view of Li (US 6,751,220). 

Liu substantially teaches the limitations of claims 2 and 16 (see claim 1, 8 and 15 
rejection above). 

Liu does not teach identifying a transmission source VPN identifier corresponding to a 
receiving interface from which the received packet has been received. 

Li teaches identifying a transmission source VPN identifier corresponding to a receiving 
interface from which the received packet has been received (packet processing module 28 on 
Fig. 2 performing step 400 of Fig. 4, which identifies the VPN identifier of the received packet 
based on the interface that receives the packet 5:30-44). 

It would have been obvious to one of ordinary skill in the art at the time the invention 
was made to add identifying a transmission source VPN identifier corresponding to a receiving 
interface from which the received packet has been received of Li to the system of Liu to improve 
the system operation by simplifying the identification of the received packet and improve the 
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system security by adding specific interface for the identifying a received packet as the VPN 
packet. 

Allowable Subject Matter 

4. Claims 9-14 are allowed. 

5. Claims 4, 5, 7, 18, 19 and 21 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

Response to Arguments 

6. Applicant's arguments filed 3/08/07 have been fully considered but they are not 
persuasive. 

On pages 12 and 13 of the Response, Applicant argues that Liu does not teach claims 1, 8 and 15 
limitations, as recently amended, and directed to domain identifiers corresponding to a plurality 
of destination addresses and masks. 
Examiner respectfully disagrees. 

Liu clearly teaches a system comprising numerous clients, identified by a client object 630 on 
Fig. 6, as each client belongs to multiple virtual private networks and comprise multiple 
attributes to identify each remote client. Therefore, using remote clients destination addresses 
together with client's users names will simplify the domain organization and structure, as stated 
in the claims rejection above, as destination addresses are often used with the clients user's 
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names and other client related information in client databases to avoid additional step of 
extracting a destination address, which is essential for the routing, from a separate database. 

In addition, Liu teaches using masks for identifying appropriate fields in the system, as 
clearly shown on step 908 of Fig. 9 and 10:26-56. 

Conclusion 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Dmitry Levitan whose telephone number is (571) 272-3093. The 
examiner can normally be reached on 8:30 to 4:30. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Doris To can be reached on (571) 272-7529. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Dmitry Levitan 
Primary Examiner 
Art Unit 2616 




